This is an Archive of old forum posts. To add a new message, go to the main WikiForum (that means you, niespolo!)
I just unlocked the wiki. Manni must have forgot he locked it. It has been locked for a good while since we were waiting for the server move. I doubt it has affected too many people though since it was down for so long and then most haven't been able reach us anyway. – Joe - 2005-12-27 23:53 UTC
I thought I had it unlocked, but I guess I once again confused "Unlock Wiki" and "Unlock Site". Guess some spammers would have found us even with some damaged zone files.
The DNS issues are now fixed and you can now revert your hosts files.
– Manni - 2005-12-28 10:05
Consider it a christmas present: chongqed.org is now again fully functional back online.
I'm not sure whether all the scripts work as advertized; maybe I still need to install some Perl modules or correct a file path here and there. Let me know when you see something broken.
A "Merry christmas!" to all of our friends and supporters.
– Manni - 2005-12-23 17:11
I have to add that while we are fully functional again, some people still can't access us. I get a bad DNS lookup for any chongqed subdomains. So I and my blacklist mirror were being blocked from reaching here. I have both solved with my hosts file till things get sorted out. – Joe - 2005-12-27 15:01 UTC
A recent spam submission points to this spamvertized page revision. The remarkable thing about this spamvertizement are the domains that are spamvertized. The roots of these domains give you pretty harmless pages, e.g. of a bed and breakfast in New York, some kind of hair dresser in New Jersey, a non-profit organization helping parents of kids with ADD, again in New Jersey, etc. The spammy URL always redirects you somewhere else.
I'm not sure what's going on here. Is this the work of a spamming web designer? Or is the spammer exploiting security holes on those servers? Any idea what's going on here?
– Manni - 2005-12-14 11:20
Very odd. Anything in the aboutus folder for collincoinclub.com including no parameters gives you a page with a form and javascript going off to a .biz site. For some reason the redirect wasn't working on my browser. Other than a comprimised server, I can think of a couple other posibilites (since the main site looks legit). Maybe the spammer is their webmaster and they have no clue what other stuff he is doing with their domain. Or their webmaster is cooperating with him for a kickback possibly.
And the chaddbc.org one doesn't work, that is just their image directory.
The acvideo.net one I guess did work, but now their account has been suspended.
– Joe - 2005-12-14 10:24 UTC
Newsweek has an article on SEO. See Matt Cutts' post on it and the Slashdot posting. I haven't read it yet, but it sounds interesting. – Joe - 2005-12-12 07:44 UTC
Spyware Warrior has a post with video showing how quick spyware can infect and mess up a machine. They also posted a reply from the company behind the software that was installed. And another post on that company. – Joe - 2005-12-09 14:51 UTC
Just a short announcement about the state of our server moving operations: We still haven't moved. My account is still active (which comes as a pleasant surprise to me) and the domain transfer bureaucracy is moving very slowly (on the other hand, I'll save a lot of money with the new registrar ;-)). Stay tuned. And as I said before: don't be surprised if you suddenly get "host not found errors" or "no website here" messages. They will go away. – Manni - 2005-12-08 19:03
Don't know why a Beginner's Guide to Search Engine Optimization was worth being news at Slashdot, but it was. It has some good information about optimizing your page and warns about spamming and explains why you shouldn't do it. Seems like a good guide from a quick skim through. – Joe - 2005-12-07 23:17 UTC
Looks like Oddmuse (Alex Schreoder) has adopted the Meatball:DigestedSummary experimental feature. Check out that page for an explanation of how you're supposed to 'digest' the sticky summaries. I agree it's a bit of a wacky experiment, and not really a good thing to be included in the oddmuse distribution. Can't see a discussion about it on oddmuse.org anywhere though. – Halz - 2005-12-07 02:09 UTC
I added my own comments there. Basically it is annoying, weird, and inconsistant because the stickyness is based on age of previous revision. I understand what this is all about much better now. Meatball has a better implementation of the digests for the Revision page, showing multiple editors, etc. But I still don't like it. It might be good for a very active wiki with a lot of contributers, but chongqed and many other wikis don't fall in that catagory. I wrote lots over there so no need to repost it here. Most relevant for discussion here is how spammers will use it on purpose or by accident. – Joe - 2005-12-07 05:43 UTC
Wikis that adopt digested summaries present an interesting dilemma for WikiMinion. According to the digested summary model it appears that the proper way to handle an anti-spam revert is to set the summary of the anti-spam edit to the summary attached to the revision to which one reverted (unless, perhaps, if the elapsed time since the last valid revision exceeds the 'old' interval?) However, WikiMinion currently uses the summary field to note what action it took so that a human can more easily diagnose and correct mistakes made by the robot. I feel that information is valuable, and I'm reluctant to leave it out. Should WikiMinion continue with this behavior on wikis that use digested summaries, or should it adopt the mechanism I describe above? Fortunately, only only one or two wikis protected by WikiMinion are running a new version of OddMuse (and hence are now theoretically using digested summaries) and they're so low traffic that they pretty much always behave like a wiki that does not use digested summaries. – RichardP - 2005-12-07 11:16 UTC
Assuming this is extended to other wikis such as MediaWiki, especially Wikipedia since they use a number of bots for various purposes, there needs to be some standard way for bots to leave information. A bot is not capable of writing a proper digest, all it can do is overwrite or append to the previous digest.
Meatball:DigestedSummary mentions a way of recording non discussion changes like this by using brackets.
Bracket copy editing or spam reversion with [CopyEdit: ...] or [WikiSpam: ...]
But I really don't think that information belongs in the digest. The purpose of the digest is for providing a meaningful RSS feed and giving an understanding what has been going on lately on the page. For those purposes the digest is good if used as intended. I don't think information about copy editing and spam cleaning belong in the digest, but there is no other way of recording that they took place. They didn't add anything to the discussion or evolution of the page so why should they be included in the digest?
While overall revision history may be more informative, page histories are less informative. The revision histories are no longer relevant to a single revision anymore. Instead of looking at short notes you must read the longer digests and find what changed between them to locate the revision you want. Are we going to need digest history diffs? That wouldn't even make sense.
In my previous edit of this page, I left a sort of proper digest summary mostly as a joke. Either due to it expiring (which if it did was far to fast on a small wiki) or because Richard didn't follow along, we are back to old fassion edit summaries. I am sticking to the old fassion style anyway. There are ususally only four active posters here anyway. Other than this page, what is there to digest? Now that we are on a new server, maybe we can have an RSS feed for the RecentChanges (since before we didn't due to technical reasons), but I really don't see the need for wikis to have RSS feeds. Wikis are not blogs (except our WikiForum page is pretty bloggy).
– Joe - 2005-12-07 17:22 UTC
Looks like the sticky digests don't stay for very long. I have edited this page a number of times today, within a couple hours it is sticky, but it seems after six hours it is not. That is very short for a slow moving wiki. Even during our more active periods a single page including WikiForum which is by far our most active can go without changes for longer.
I copied some of the above discussion about bots to Meatball:DigestedSummary where it can do some good. They now have the Meatball:DigestedSummaryEmpiricalResults of their experiment so far up. I don't really see it as a good sign for the success of digesting, but they seem happy.
– Joe - 2005-12-08 02:58 UTC
Joe, according to a post by Alex Schroeder to Meatball:DigestedSummary, he chose to implement a summary life-span of four hours in OddMuse. I assume that's why my earlier comments to WikiForum didn't have digested summaries (my posts were more than four hours after the immediately preceding posts). – RichardP - 2005-12-08 07:17 UTC
It seems the bot problem is solved, on MeatBall? text in brackets is filtered from the RSS feed and Revision History so it is only visible on the Page History. I guess that just hasn't been implemented on OddMuse yet. – Joe - 2005-12-08 10:29 UTC
Well, I'm not AWOL, just in lurking mode. Thanks for turning up all that information about the strange new "feature". I must say that I'm really surprised that I couldn't find anything about this on oddmuse.org. No announcements, no discussions, no bug reports, nothing. I wonder how long this will be in OddMuse; maybe it's just an experiment. – Manni - 2005-12-08 19:03
OK. Found it: this page tells you how to deactivate the sticky summaries. No idea what effect that has on the creation of new pages when you don't give a summary. But I will try that now. – Manni - 2005-12-08 19:07
Looks like we are back to what we are used to with the exception of a textarea for the summary. But I guess that we'll get used to that one. – Manni - 2005-12-08 19:09
I ran across a spammer's apology in a recent spam on Lee's Wiki. I've seen spammer's include an apology with their spam, but this excuse (scroll down a bit) is a new one for me. The spammer, Rahat, claims to be in Afghanistan, but the origin colo-69-31-81-234.pilosoft.com [69.31.81.234] is in New York. Also kind of funny is the fact that he uses the CSSHiddenSpam trick to hide his apology. – RichardP - 2005-12-05 06:48 UTC
I think that apology is worth copying over here:
Dear wiki owner! I apologize for spamming your great wiki. My name is Rahat and I live in Afganistan, Kabul. We have'nt any job here, but I should to buy some food for my family (there are two boys and one girl, and my wife Zuhra). That is the reason of spamming of your honest wiki site. This job gives me and my family some little money to live here, in Afganistan hell. I ask you to leave my links in your site, but if you dont like it - please email me at rahat-jaharri @yahoo.com and I will never spam your honest wiki anymore. Good luck to you and your family. Rahat. 8)
How likely would it be that with no jobs there he would have access to a computer to do his spamming? I suppose someone could have setup a spamming business there and that is the only job available. If it is an organized spamming business I am sure they would be using proxies. But it seems really odd that he is apologizing. That is usually what you get from the small time spammers.
Whether or not he is from Afganistan this is just be a social engineering attempt to get people to leave the spam because we know how bad things are over there. Are we really supposed to believe he gets less pay if his links are removed? Of course not.
After thinking about it, I am not supprised he hides the appology. If he didn't, the spam would be too easily noticed. This way, it might stay and if caught the social engineering techniques take over to convince you to leave it. Yeah right! I don't care how bad things are, spamming is not right.
– Joe - 2005-12-05 10:00 UTC
By cleaning up spam we are reducing some people's income, maybe even threatening the livelihoods of some unfortunate individuals who really need the money. But such individuals should find a way to make money which doesn't involve anti-social behaviour. The idea that we should tolerate it is rediculous. It's like saying we should put up with people robbing banks because they really need the money.
Anyway I'm convinced that this is purely social engineering, not someone from Afghanistan at all. I'm sure most spammers (if they thought of it) wouldn't stop short of taking advantage of people's good nature, by adding a message like this to their spam.
Also I suppose wiki spamming probably follows approximately the same country of origin statistics as email spam (not really an Afghan speciality!) – Halz - 2005-12-08 23:32 UTC
I have to move chongqed.org to yet another server. AFAIK, my old account will be deleted on Sunday, December 4th. I might take a little while before all my domains point to the new server. So if you should get a "unknown host" error message in the next couple of days (let's not hope that it will be weeks), don't worry. We'll be back online sooner or later. Until then, I will lock the wiki so I can make a nice backup. – Manni - 2005-12-03 13:46
We've had a couple of really annoying spam incidents recently. As it seems, a new 'feature' in the Oddmuse engine is part of the problem (see the RecentChanges and the mess I made there when archiving October and November). I will try to research the Oddmuse problem and find a way to deal with it. But I'm not at all sure what to do with that latest spammer. Joe remarked that his spam needs 'careful chongqing'. I'm tempted to say that it doesn't need chongqing at all. The sites he is spamvertizing don't look like potential spammers to me. imdb.com? No.
We've had other spam a couple of weeks ago that was spamvertizing a disney.com subdomain. Remember that one? At first I thought that someone was test-driving his bot. But how long does this bot need testing? When will he finally start to spam for real? Any idea what to do about that one?
– Manni - 2005-12-02 11:05
Well, that is why I didn't chongq them. On most I could easily tell 2 of the 3 URLs were not spammer domains. But I kind of wondered about the ones marked rel="itsok". We should also mark those pages he created for deletion when they expire. I couldn't remember the command necessary and didn't want to immediatly delete them.
I dislike the new OddMuse feature of a textbox instead of a single line for revision notes. You shouldn't need to write a whole book in there. I also hate how the revision notes are sticky now. I think that is worth filing a bug report/complaint. I assume that is a purposly added feature, but it is very annoying.
– Joe - 2005-12-02 09:58 UTC
With regards to the "movie domains" spammer, WikiMinion is currently catching him by IP address. I've examined all of the domains that he has used and I believe they are all legitimate with no association with the spammer. To catch potential new spammer IP addresses and to notice if he switches to spammy domains I've also carefully crafted a regular-expression for WikiMinion's "bad content" module that matches the structure of his edits. Naturally I've marked that expression to perform an issue-warning action, not an eliminate-on-sight action.
With regards to the spammer who used to put wthp1.disney.com etc. on pages, he has long since moved on from testing to actual spamming.
– RichardP - 2005-12-02 10:19 UTC
How widespread is this "movie domains" spammer? Are his spammed domain victims consistant or is he just choosing randomly? – Joe - 2005-12-02 10:28 UTC
He's actually a comment spammer, not a wiki spammer. He only hits wikis when he has somehow confused a wiki edit form for a blog/forum comment form (in fact, the only wikis he seems to hit are a couple of OddMuse-based wikis). He seems to be primarily a poker spammer (search for "isismedia.com" and you'll turn up some of his blog spam). He doesn't just use movie domains for test runs - I've also seen him use british museums/charities, news organizations and others (maybe from DMOZ categories?) A google search for rel itsok reveals tons of his stuff.
– RichardP - 2005-12-02 10:47 UTC
Wow. I got my first Spim (instant message spam) in many years. I am not on IM too much so I guess I miss out on them. This was on Yahoo which I hardly ever use and I had my client set to Away.
urlisax: hi... ayone there? urlisax: well anyway, guess your not therr?
"Her" profile proves what was going on. It is in the Adult Profiles section for a reason. From there you can get the link to cyberfungirls.com
I ignored her for long enough that when I finally did reply she was gone.
More on this cybersex "chat" bot:
http://www.rageear.com/archives/2002/09/this_is_what_el.html
http://jaymee.org/jaymee/viewtopic.php?p=16729
http://raw360.com/item/518
http://raw360.com/item/523
– Joe - 2005-12-02 06:22 UTC
Related to Spim bots, I just read a short article on malicious IM bots. – Joe - 2005-12-08 00:46 UTC